Securing the Internet of Things This page intentionally left blank Securing the Internet of Things Shancang Li Li Da Xu Imed Romdhani, Contributor Syngress is an imprint of Elsevier 50 Hampshire Street, 5th Floor, Cambridge, MA 02139, United States Copyright r 2017 Elsevier Inc. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher’s permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/permissions. This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein). Notices Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods, professional practices, or medical treatment may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information, methods, compounds, or experiments described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility. To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein. British Library Cataloguing-in-Publication Data A catalogue record for this book is available from the British Library Library of Congress Cataloging-in-Publication Data A catalog record for this book is available from the Library of Congress ISBN: 978-0-12-804458-2 For Information on all Syngress publications visit our website at https://www.elsevier.com Publisher: Todd Green Acquisition Editor: Brian Romer Editorial Project Manager: Anna Valutkevich Production Project Manager: Punithavathy Govindaradjane Designer: Mark Rogers Typeset by MPS Limited, Chennai, India Contents ABOUT THE AUTHORS ................................................................................ ix CHAPTER 1 Introduction: Securing the Internet of Things ........................... 1 Shancang Li 1.1 Introduction..................................................................................... 1 1.1.1 Overview............................................................................... 1 1.1.2 State-of-the-Art................................................................... 2 1.1.3 Security Requirements .......................................................4 1.2 Security Requirements in IoT Architecture.................................. 6 1.2.1 Sensing Layer and IoT End-Nodes ....................................7 1.2.2 Network Layer..................................................................... 9 1.2.3 Service Layer.....................................................................11 1.2.4 ApplicationInterface Layer ............................................13 1.2.5 Cross-Layer Threats .........................................................14 1.2.6 Threats Caused in Maintenance of IoT............................15 1.3 Security in Enabling Technologies.............................................. 15 1.3.1 Security in Identification and Tracking Technologies ....15 1.3.2 Security in Integration of WSN and RFID........................16 1.3.3 Security in Communications ............................................17 1.3.4 Security in Networks ........................................................18 1.3.5 Security in Service Management .....................................18 1.4 Security Concerns in IoT Applications........................................ 19 1.4.1 Security Concerns in SCADA Systems ............................19 1.4.2 Security Concerns in Enterprise Information Systems.............................................................................. 20 1.4.3 Security Concerns in Social IoT .......................................21 1.4.4 Confidentiality and Security for IoT-Based Healthcare ......................................................................... 22 1.5 Summary....................................................................................... 22 References ............................................................................................ 23 CHAPTER 2 Security Architecture in the Internet of Things....................... 27 Shancang Li 2.1 Introduction................................................................................... 27 v 2.2 Security Requirements in IoT...................................................... 28 vi Contents 2.2.1 IoT Data Security Challenges...........................................29 2.2.2 Security in the Sensing Layer ..........................................31 2.2.3 Security in the Network Layer .........................................32 2.2.4 Security in the Service Layer ...........................................32 2.2.5 Security in the Interface Layer ........................................33 2.2.6 Challenges to Secure IoT .................................................33 2.3 Insufficient Authentication/Authorization ................................... 34 2.3.1 Authentication in IoT ......................................................... 34 2.3.2 Authorization ..................................................................... 34 2.3.3 Insufficient Authentication/Authorization........................35 2.3.4 Insufficient Device Authentication in IoT.........................36 2.4 Insecure Access Control.............................................................. 37 2.4.1 Role-Based Access Control Systems ..............................38 2.4.2 Access Control List-Based Systems ...............................38 2.4.3 Capability-Based Access ..................................................39 2.4.4 Challenges in Access Control ..........................................40 2.5 Threats to Access Control, Privacy, and Availability ................. 40 2.5.1 Threats in Network Layer ................................................42 2.5.2 Threats in Sensing Layer.................................................. 43 2.5.3 Threats in Cross-Layer and Maintenance of IoT ............45 2.6 Attacks Specific to IoT ................................................................. 46 2.6.1 Physical Access................................................................. 46 2.6.2 Local Attacks Over WiFi ...................................................48 References ............................................................................................ 48 CHAPTER 3 Security and Vulnerability in the Internet of Things ............... 49 Shancang Li 3.1 Secrecy and Secret-Key Capacity ............................................... 49 3.2 Authentication/Authorization for Smart Devices ....................... 52 3.3 Transport Encryption ................................................................... 56 3.3.1 Transport Layer Security..................................................57 3.3.2 Secure Sockets Layer .......................................................57 3.3.3 HTTPS ................................................................................ 57 3.3.4 Transport Trust in IoT.......................................................58 3.4 Secure Cloud/Web Interface ....................................................... 59 3.5 Secure Software/Firmware ......................................................... 60 3.6 Physical Layer Security ............................................................... 63 3.7 Summary....................................................................................... 65 References ............................................................................................ 66 Further Reading .................................................................................... 66 CHAPTER 4 IoT Node Authentication............................................................ 69 Shancang Li 4.1 Security Goals in IoT .................................................................... 70 4.2 Public-Key-Based Authentication ............................................... 71 4.2.1 Symmetric Cryptography..................................................73 Contents vii 4.2.2 Public-Key Cryptography..................................................75 4.2.3 Public Key Infrastructure .................................................76 4.3 Identify-Based Authentication, Encryption, and Digital Signature....................................................................................... 78 4.3.1 Identify-Based Authentication ..........................................78 4.3.2 Digital Signature ...............................................................80 4.3.3 Raw Public Key.................................................................. 83 4.3.4 X.509 Certificates ..............................................................84 4.4 IP Connectivity .............................................................................. 85 4.4.1 Datagram Transport Layer Security................................85 4.4.2 Constrained Application Protocol ....................................88 4.5 Lightweight Cryptography............................................................ 88 4.5.1 Efficiency of End-to-End Communication .......................89 4.5.2 Applicability to Lower Resource Devices ........................89 4.6 Existing Security Schemes for IoT .............................................. 90 4.7 Summary....................................................................................... 93 Further Reading .................................................................................... 93 CHAPTER 5 Security Requirements in IoT Architecture ............................. 97 Shancang Li 5.1 Introduction................................................................................... 97 5.1.1 Security Challenges in IoT Environment .........................99 5.1.2 Sensing Layer and IoT End-Nodes ................................100 5.2 Network Layer ............................................................................ 102 5.3 Service Layer .............................................................................. 104 5.4 ApplicationInterface Layer...................................................... 106 5.5 Cross-Layer Threats .................................................................. 107 5.6 Threats Caused in Maintenance of IoT..................................... 108 References .......................................................................................... 108 CHAPTER 6 Security in Enabling Technologies ......................................... 109 Shancang Li and Li Da Xu 6.1 Security in Identification and Tracking Technologies ............. 109 6.1.1 Identification ....................................................................110 6.2 Security in Integration of Wireless Sensor Network and RFID............................................................................................. 111 6.3 Security in Communications ..................................................... 114 6.4 Security Protocols and Privacy Issues into 6LoWPAN Stack............................................................................................ 115 6.5 Security in Service Management .............................................. 115 References .......................................................................................... 116 Further Reading .................................................................................. 116 CHAPTER 7 Existing Security Scheme for IoT ........................................... 119 Imed Romdhani 7.1 Data Security and Privacy.......................................................... 119 7.2 Data Confidentiality and Key Management .............................. 120 viii Contents 7.3 Literature Review ....................................................................... 123 References .......................................................................................... 127 Further Reading .................................................................................. 129 CHAPTER 8 Security Concerns in Social IoT.............................................. 131 Imed Romdhani References .......................................................................................... 132 CHAPTER 9 Confidentiality and Security for IoT Based Healthcare ........ 133 Imed Romdhani References .......................................................................................... 136 Further Reading .................................................................................. 137 INDEX ...................................................................................................... 141 About the Authors Shancang Li is a Senior Lecturer in Department of Computer Science and Creative Technologies, University of the West of England, Bristol, UK. Shancang previously worked as a lecturer at Edinburgh Napier University and as security researcher in Cryptographic Group at University of Bristol where he conducted mobile/digital forensics across a range of industries and technologies. His security background ranges from network penetration test- ing, wireless security, mobile security, and digital forensics. Li Da Xu is an IEEE Fellow and an academician of Russian Academy of Engineering. He is an Eminent Professor in Department of Information Technology and Decision Science at Old Dominion University, Norfolk, VA, USA. He was recognized as a Highly Cited Researcher in 2016 by Thomson Reuters. According to Thomson Reuters, “Highly Cited Researchers 2016 repre- sent some of world’s most influential scientific minds.” He is the Founding Chair of IFIP TC8 WG8.9, Founding Chair of the IEEE SMC Society Technical Committee on Enterprise Information Systems, and Founding Editor-in-Chief of the journals titled, Journal of Industrial Information Integration (Elsevier BV), Journal of Industrial Integration and Management (World Scientific), Enterprise Information Systems (Taylor & Francis) and Founding Co-Editor-in-Chief of Frontiers of Engineering Management (Higher Education Press) and Journal of Management Analytics (Taylor & Francis). In addition to these notable achievements, he is also an endowed Changjiang Chair Professor in the Ministry of Education of China. Dr. Xu’s affiliations include the Institute of Computing Technology, the Chinese Academy of Sciences, the University of Science and Technology of China, Shanghai Jiao Tong University, the China State Council Development Research Center, and Old Dominion University, VA, USA. He participated in early research and educational academic activities in the subject of systems science and engineering. Professor Xu collaborated and ix x About the Authors worked extensively with pioneering scholars such as West Churchman, John Warfield, and Qian Xuesen. Furthermore, he spearheaded early research and educational academic activities in the subject of information systems and enterprise systems, which was started in the early 1980s. Many consider him to be one of the founding fathers of an emerging disci- pline called Industrial Information Integration Engineering. He is the author of the recent book entitled Enterprise Integration and Information Architecture and the coauthor of the book entitled Systems Science Methodological Approaches published by Taylor & Francis Group. Many well-known scholars including Qian Xuesen have cited his work in their seminal research. CHAPTER 1 Introduction: Securing the Internet of Things Shancang Li 1.1 INTRODUCTION The emerging Internet of Things (IoT) is believed to be the next generation of the Internet and will become an attractive target for hackers (Roman et al., 2011), in which billions of things are interconnected. Each physical object in the IoT is able to interact without human interventions (Bi et al., 2014). In recent years, a variety of applications with different infrastructures have been developed, such as logistics, manufacturing, healthcare, industrial surveil- lance, etc. (ITU, 2013; Pretz, 2013). A number of cutting-edge techniques (such as intelligent sensors, wireless communication, networks, data analysis technologies, cloud computing, etc.) have been developed to realize the potential of the IoT with different intelligent systems (Bi et al., 2014; Tan et al., 2014). However, technologies for the IoT are still in their infant stages and a lot of technical difficulties associated with IoT need to be overcomed (Li et al., 2014c). One of the most significant obstacles in IoT is security (Li et al., 2014c), which involves the sensing of infrastructure security, communication network security, application security, and general system security (Keoh et al., 2014). To address the security challenges in IoT, we will analyze the security problems in IoT based on four-layer architecture. 1.1.1 Overview The concept of IoT was firstly proposed in 1999 (Li et al., 2014c) and the exact definition is still subjective to different perspectives taken (Hepp et al., 2007; ITU, 2013; Li et al., 2014c; Pretz, 2013). The IoT is believed to be the future Internet for the new generation, which integrates various ranges of technologies, including sensory, communication, networking, service- oriented architecture (SoA), and intelligent information processing technolo- gies (Council, 2008; Li et al., 2014c; Lim et al., 2013). However, it also brings a number of significant challenges, such as security, integration of 1 Securing the Internet of Things. DOI: http://dx.doi.org/10.1016/B978-0-12-804458-2.00001-9 © 2017 Elsevier Inc. All rights reserved. 2 CHAPTER 1: Introduction: Securing the Internet of Things hybrid networks, intelligent sensing technologies, etc. Security is the chief among them, which plays a fundamental role to protect the IoT against attacks and malfunctions (Roman et al., 2011). Traditionally, the security means cryptography, secure communication, and privacy assurances. However, in IoT security encompasses a wider range of tasks, including data confidentiality, services availability, integrity, antimalware, information integ- rity, privacy protection, access control, etc. (Keoh et al., 2014). As an open ecosystem, the IoT security is orthogonal to other research areas. The great diversity of IoT makes it very vulnerable to attacks against avail- ability, service integrity, security, and privacy. At the lower layer of IoT (sensing layer), the sensing devices/technologies have very limited computation capacity and energy supply and cannot provide well security protection; at the middle layers (such as network layer, service layer), the IoT relies on networking and communications which facilitates eavesdropping, interception, and denial of service (DoS) attacks. For example, in network layer, a self-organized topology without centralized control is prone to attacks against authentication, such as node replication, node suppression, node impersonation, etc. At the upper layer (such as application layer), the data aggregation and encryption turn out to be useful to mitigate the scalability and vulnerability problems of all layers. To build a trustworthy IoT, a system-level security analytics and self-adaptive security policy framework are needed. 1.1.2 State-of-the-Art The IoT is an extension of the Internet by integrating mobile networks, Internet, social networks, and intelligent things to provide better services or applications to users (Cai et al., 2014; Gu et al., 2014; Hoyland et al., 2014; Kang et al., 2014; Keoh et al., 2014; Li et al., 2014a; Li et al., 2014b; Tao et al., 2014; Xiao et al., 2014; Xu et al., 2014a; Xu et al., 2014b; Yuan Jie et al., 2014). The success of IoT depends on the standardization of security at various levels, which provides secured interoperability, compatibility, reli- ability, and effectiveness of the operations on a global scale (Li et al., 2014c). The importance of IoT has been recognized as top national strategies by many countries. The IoT European Research Cluster sponsored a number of IoT fundamental research projects: IoT-A was launched to design a reference model and architecture for IoT, while the ongoing RERUM project focuses on IoT security (Floerkemeier et al., 2007; Gama et al., 2012; Welbourne et al., 2009). The Japanese government proposed u-Japan and i-Japan strategies to promote a sustainable Information, Communication, and Technology (ICT) society (Ning, 2013). In United States, the information technology and inno- vation foundation (ITIF) focuses on new information and communication technologies for IoT (He and Xu, 2012; Xu, 2011). The South Korea 1.1 Introduction 3 conducted RFID/USN and “New IT Strategy” program to advance the IoT infrastructure development (Xu, 2011). The China government officially launched the “Sensing China” program in 2010 (Bi et al., 2014). Technically, a very diverse range of networking and communication technologies is available for IoT, such as WiFi, ZigBee (IEEE 802.15.4), BLE (Low energy Bluetooth), ANT, etc. More specifically, the Internet Engineering Task Force (IETF) has standardized 6LoWPAN (IPv6 over Low-Power Wireless Personal Area Networks), ROLL (routing over low-power and lossy-networks), and CoAP (constrained application protocol) to equip constrained devices (Cai et al., 2014; Chen et al., 2014; Esad-Djou, 2014; Gu et al., 2014; Hoyland et al., 2014; HP Company, 2014; Kang et al., 2014; Keoh et al., 2014; Li and Xiong, 2013; Li et al., 2014a; Oppliger, 2011; Raza et al., 2013; Roe, 2014; Tan et al., 2014; Wang and Wu, 2010; Xiao et al., 2014; Xu et al., 2014a, b; Yao et al., 2013). Concerns over the authenticity of software and protection of intellectual property produced various software verification and attestation techniques often referred to as trusted or measured boot. The confidentiality of data has always been and remains a primary concern. Security control mechanisms have been developed to ensure the security of data transmission in wireless communication and in motion, such as 802.11i (WPA2) or 802.1AE (MACsec). Recently, the security standards for the RFID market have been reported in Raza et al. (2012). For RFID applications, European Commission (EC) has released several recommendations to outline the following security issues in a lawful, ethical, socially, and politically acceptable way (Di Pietro et al., 2014; Esad-Djou, 2014; Furnell, 2007; Gaur, 2013; HP Company, 2014; Raza et al., 2012; Roe, 2014; Roman et al., 2013; Weber, 2013): I Measuring the deployment of RFID applications to ensure that national legislation is complying with the EU Data Protection Directive 95/46, 99/5, and 2002/58. I A framework for privacy and data protection impact assessments has been proposed (PIA; No. 4). I Assessment of implications of the application implementation for the protection of personal data and privacy (No. 5). I Identifying any applications that might raise information security threats. I Checking the information. I Issuing recommendations that concern the privacy information and transparency on RFID use. But for IoT, the security problem is still a challenging area. Billions of devices might be connected in IoT and well-designed security architecture is needed to fully protect the information and allow data to be securely shared over IoT. 4 CHAPTER 1: Introduction: Securing the Internet of Things New security challenges will be created by the endless variety of IoT applications. For example: I Industrial security concerns, including the intelligent sensors, embedded programmable logic controllers (PLCs), robotic systems, which are typically integrated with IoT infrastructure. Security control on the IoT industrial infrastructure is a big concern. I Hybrid system security controls. The IoT might involve many hybrid systems, how to provide cross-system security protection is crucial for the success of the IoT. I For the new business processes created in IoT, a security is needed to protect the business information and data. I IoT end-node security, how the end-nodes receive software updates, or security patches in a timely manner without impairing functional safety is a challenging. 1.1.3 Security Requirements In IoT, each connected device could be a potential doorway into the IoT infrastructure or personal data (HP Company, 2014; Roe, 2014). The data security and privacy concerns are very important but the potential risks associated with the IoT will reach new levels as interoperability, mashups, and autonomous decision-making begin to embed complexity, security loopholes, and potential vulnerability. Privacy risks will arise in the IoT since the complexity may create more vulnerability that is related to the ser- vice. In IoT, much information is related with our personal information, such as date of birth, location, budgets, etc. This is one aspect of the big data challenging, and security professions will need to ensure that they think through the potential privacy risks associated with the entire data set. The IoT should be implemented in a lawful, ethical, socially, and politically acceptable way, where legal challenges, systematic approaches, technical challenges, and business challenges should be considered. This chapter focuses on the technical implementation design of the security IoT architec- ture. Security must be addressed throughout the IoT lifecycle from the ini- tial design to the services running. The main research challenges in IoT scenario include the data confidentiality, privacy, and trust, as shown in Fig. 1.1 (Di Pietro et al., 2014; Furnell, 2007; Gaur, 2013; Miorandi et al., 2012; Roman et al., 2013; Weber, 2013). To well illustrate the security requirements in IoT, we modeled the IoT as four-layer architecture: sensing layer, network layer, service layer, and applicationinterface layer. Each layer is able to provide corresponding security controls, such as access control, device authentication, data integrity and confidentiality in transmission, availability, and the ability of 1.1 Introduction 5 Data Confidentiality Privacy • Insufficient authentication/authorization • Privacy, data protection, and information • Insecure interfaces (web, mobile, cloud, etc.) security risk management • Lack of transport encryption • Privacy by design and privacy by default • Confidentiality preserving • Data protection legislation • Access control • Traceability/profiling/unlawful processing Trust • Identity management system • Insecure software/firmware • Ensuring continuity and availability of services • Realization of malicious attacks against IoT devices and system • Loss of user control/difficult in making decision FIGURE 1.1 Security issues in IoT. Table 1.1 Top Ten Vulnerabilities in IoT Interface Service Network Sensing Security Concerns Layer Layer Layer Layer Insecure web interface O O O Insufficient authentication/ O O O O authorization Insecure network services O O Lack of transport encryption O O Privacy concerns O O O Insecure Cloud interface O Insecure mobile interface O O O Insecure security O O O configuration Insecure software/firmware O O Poor physical security O O antivirus or attacks. In Table 1.1, the most important security concerns in IoT are summarized. The security requirements depend on each of these particularly sensing technology, networks, layers, and have been identified in the following sections. 6 CHAPTER 1: Introduction: Securing the Internet of Things 1.2 SECURITY REQUIREMENTS IN IoT ARCHITECTURE A critical requirement of IoT is that the devices must be interconnected, which makes it be able to perform specific tasks, such as sensing, communi- cating, information processing, etc. The IoT is able to acquire, transmit, and process the information from the IoT end-nodes (such as RFID devices, sen- sors, gateway, intelligent devices, etc.) via network to accomplish highly com- plex tasks. The IoT should be able to provide applications with strong security protection (e.g., for online payment application, the IoT should be able to protect the integrity of payment information). The system architecture must provide operational guarantees for the IoT, which bridges the gap between the physical devices and the virtual worlds. In designing the framework of IoT, following factors should be taken into con- sideration: (1) technical factors, such as sensing techniques, communication methods, network technologies, etc.; (2) security protection, such as informa- tion confidentiality, transmission security, privacy protection, etc.; (3) busi- ness issues, such as business models, business processes, etc. Currently, the SoA has been successfully applied to IoT design, where the applications are moving towards service-oriented integration technologies. In business domain, the complex applications among diverse services have been appear- ing. Services reside in different layers of the IoT such as: sensing layer, net- work layer, services layer, and applicationinterface layer. The services-based application will heavily depend on the architecture of IoT. Fig. 1.2 depicts a generic SoA for IoT, which consists of four layers: I Sensing layer is integrated with end components of IoT to sense and acquire the information of devices; Sensing layer Network layer Service layer Interface layer RFID tags Service Service Social Business logic implementation Application bus Intelligent sensors WSNs network frontend Service RFID readers division Contract Data sensing Cloud acquisition internetwork Service WSNs protocols integration Interfaces Service repository WLAN Mobile Service Application network composition API BLE devices FIGURE 1.2 SoA for IoT (Bi et al., 2014). 1.2 Security Requirements in IoT Architecture 7 I Network layer is the infrastructure to support wireless or wired connections among things; I Service layer is to provide and manage services required by users or applications; I Applicationinterfaces layer consists of interaction methods with users or applications. The security requirements on each layer might be different due to its fea- tures. In general, the security solution for the IoT considers following requirements: (1) sensing layer and IoT end-node security requirements, (2) network layer security requirements, (3) service layer security require- ments, (4) applicationinterface layer security requirements, (5) the security requirements between layers, and (6) security requirements for services running and maintenance. 1.2.1 Sensing Layer and IoT End-Nodes The IoT is a multilayer network that interconnects devices for information acquisition, exchange, and processing. At the sensing layer, the intelligent tags and sensor networks are able to automatically sense the environment and exchange data among devices (Li et al., 2014c). In determining the sens- ing layer of an IoT, the main concerns are: I Cost, size, resource, and energy consumption. The things might be equipped with sensing devices such as RFID tags, sensors, actuator, etc., which should be designed to minimize required resources as well as cost. I Deployment. The IoT end-nodes (such as RFID reader, tags, sensors, etc.) can be deployed one-time, or in incremental or random ways depending on application requirements. I Heterogeneity. A variety of things or hybrid networks make the IoT very heterogeneous. I Communication. The IoT end-nodes should be designed in such a way that it is able to communicate with each other. I Networks. The IoT involves hybrid networks, such as Wireless Sensor Networks (WSNs), WMNs, and supervisory control and data acquisition (SCADA) systems. The security is an important concern in sensing layer. It is expected that IoT could be connected with industrial networks to provide users with smart ser- vices. However, it may cause new concerns in devices controlling, such as who can input authentication credentials or decide whether an application should be trusted. The security model in IoT must be able to make its own judgments and decision about whether to accept a command or execute a task. At sensing layer, the devices are designed for low power consumption with constraints 8 CHAPTER 1: Introduction: Securing the Internet of Things resources, which often have limited connectivity. The endless variety of IoT applications poses an equally wide variety of security challenges. I Devices authentication I Trusted devices I Leveraging the security controls and availability of infrastructures in sensing layer. I In terms of software update, how the sensing devices receive software updates or security patches in a timely manner without impairing functional safety or incurring significant recertification costs every time a patch is rolled out. In this layer, the security concerns can be classified into two main categories: I The security requirements at IoT end-node: physically security protection, access control, authentication, nonrepudiation, confidentiality, integrity, availability, and privacy. I The security requirements in sensing layer: confidentiality, data source authentication, device authentication, integrity, availability, and timeless. Table 1.2 summarizes the potential security threats and security vulnerabil- ities at IoT end-node and Table 1.3 analyses the security threats and vulner- abilities in sensing layer. To secure devices in this layer before users are at risk, following actions should be taken: (1) Implement security standards for IoT and ensure all Table 1.2 Security Threats and Vulnerabilities at IoT End-Node Security Threats Description Unauthorized Due to physically capture or logic attacked, the sensitive information access at the end-nodes is captured by the attacker Availability The end-node stops to work since physically captured or attacked logically Spoofing attack With malware node, the attacker successfully masquerades as IoT end-device, end-node, or end-gateway by falsifying data Selfish threat Some IoT end-nodes stop working to save resources or bandwidth to cause the failure of network Malicious code Virus, Trojan, and junk message that can cause software failure DoS An attempt to make a IoT end-node resource unavailable to its users Transmission Threats in transmission, such as interrupting, blocking, data threats manipulation, forgery, etc. Routing attack Attacks on a routing path 1.2 Security Requirements in IoT Architecture 9 Table 1.3 Analysis of the Security Threats and Vulnerabilities in Sensing Layer IoT End-Node Threats and Vulnerabilities IoT End-Devices IoT End-Node IoT End-Gateway Unauthorized access O O O Selfish threat O O Spoofing attack O O Malicious code O O O DoS O O O Transmission threats O Routing attack O O O devices are produced by meeting specific security standards; (2) Build trustworthy data sensing system and review the security of all devices/ components; (3) Forensically identify and trace the source of users; (4) Software or firmware at IoT end-node should be securely designed. 1.2.2 Network Layer The network layer connects all things in IoT and allows them to be aware of their surroundings. It is capable of aggregating data from existing IT infra- structures and then transmitted to other layers, such as sensing layer, service layers, etc. The IoT connects a variety of different networks, which may cause a lot of difficulties on network problems, security problems, and communi- cation problems. The deployment, management, and scheduling of networks are essential for the network layer in IoT. This enables devices to perform tasks collab- oratively. In the networking layer, the following issues should be addressed: I Network management technologies including the management for fixed, wireless, mobile networks, I Network energy efficiency, I Requirements of QoS, I Technologies for mining and searching, I Information confidentiality, I Security and privacy. Among these issues, information confidentiality and human privacy and security are critical because of its deployment, mobility, and complexity. The existing network security technologies can provide a basis for privacy and 10 CHAPTER 1: Introduction: Securing the Internet of Things security protection in IoT, but more works still need to be done. The security requirements in network layer involve: I Overall security requirements, including confidentiality, integrity, privacy protection, authentication, group authentication, keys protection, availability, etc. I Privacy leakage: Since some IoT devices physically located in untrusted places, which cause potential risks for attackers to physically find the privacy information such as user identification, etc. I Communication security: It involves the integrity and confidentiality of signaling in IoT communications. I Overconnected: The overconnected IoT may run risk of losing control of the user. Two security concerns may be caused: (1) DoS attack, the bandwidth required by signaling authentication can cause network congestion and further cause DoS; (2) Keys security, for the overconnected network, the keys operations could cause heavy network resources consumption. I MITM attack: The attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the attacker controls the entire conversation. I Fake network message: Attackers could create fake signaling to isolate/misoperate the devices from the IoT. In the network layer, the possible security threats are summarized in Table 1.4 and in Table 1.5 the potential security threats and vulnerabilities are analyzed. The network infrastructure and protocols developed for IoT are different with existing IP network, special efforts are needed on following security concerns: (1) Authentication/Authorization, which involves vulnerabilities such as Table 1.4 Security Threats in Network Layer Security Threats Description Data breach Information released of secure information to an untrusted environment Public key and private key It comprises of keys in networks Malicious code Virus, Trojan, and junk message that can cause software failure DoS An attempt to make an IoT end-node resource unavailable to its users Transmission threats Threats in transmission, such as interrupting, blocking, data manipulation, forgery, etc. Routing attack Attacks on a routing path 1.2 Security Requirements in IoT Architecture 11 Table 1.5 The Security Threats and Vulnerabilities in Network Layer Privacy Leakage Confidentiality Integrity DoS PKI MITM Request Forgery Physical O O O protection Transmission O O O O O O security Overconnected O O O Cross-layer fusion O O O O password, access control, etc. and (2) Secure transport encryption—it is crucial to encrypt the transmission in this layer. 1.2.3 Service Layer In IoT, the service layer relies on middleware technology, which is an impor- tant enabler of services and applications. The service layer provides IoT a cost-effective platform where the hardware and software platforms could be reused. The IoT illustrates the activities required by the middle service specifi- cations, which are undertaken by various standards developed by the service providers and organizations. The service layer is designed based on the com- mon requirements of applications, application programming interfaces (APIs), and service protocols. The core set of services in this layer might include following components: event processing service, integration services, analytics services, UI services, and security and management services (Choi et al., 2012). The activities in service layer, such as information exchange, data processing, ontologies databases, communications between services, are conducted by following components: I Service discovery. It finds infrastructure that can provide the required service and information in an effective way. I Service composition. It enables the combination and interaction among the connected things. Discovery exploits the relationships of things to find the desired service, and service composition schedules or recreates more suitable services to obtain the most reliable ones. I Trustworthiness management. It aims to understand the trusted devices and information provided by other services. I Service APIs. It provides the interactions between services required by users. Recently, a number of service layer solutions have been reported. The SOCRADES integration architecture is proposed that can be used to interact between applications and service layers effectively (Fielding and Taylor, 2002); 12 CHAPTER 1: Introduction: Securing the Internet of Things things are abstracted as devices to provide services at low levels as network discovery services, metadata exchange services, and asynchronous publish and subscribe event (Kranenburg et al., 2011; Sundmaeker et al., 2010); In Peris-Lopez et al. (2006), a representational state transfer is defined to increase interoperability between loosely coupled services and distributed applications. In Hernandez-Castro et al. (2013), the services layer introduced a service provisioning process that can provide the interaction between appli- cations and services. It is important to design an effective security strategy to protect services against attacks in the service layer. The security requirements in the service layer include: I Authorization, service authentication, group authentication, privacy protection, integrity, security of keys, nonrepudiation, antireplay, availability, etc. I Privacy leakage. The main concern in this layer involves privacy leakage and malicious location tracking. I Service abuses. In IoT the service abuse attack involves: (i) illegal abuse of services; (ii) abuse of unsubscribed services. I Node identify masquerade. I DoS attack. I Replay attack, the attacker resends the data. I Service information sniffer and manipulation. I Repudiation in service layer, it includes the communication repudiation and services repudiation. The security solution should be able to protect the operations on this layer from potential threats. Table 1.6 summarizes the security threats on the service layer. Table 1.6 The Security Threats in Service Layer Security Threats Description Privacy threats Privacy leakage or malicious location tracking Services abuse Unauthorized user access services or the authorized users access unsubscribed services Identity masquerade The IoT end-device, node, or gateway are masqueraded by attacker Service information The information in services is manipulated by the attacker manipulation Repudiation Denial of the operations have been done DoS An attempt to make an IoT end-node resource unavailable to its users Replay attack The attack resends the information to spoof the receiver Routing attack Attacks on a routing path 1.2 Security Requirements in IoT Architecture 13 Ensure the data in service layer security is crucial but it is difficult. It involves fragmented, full of competing standards, and proprietary solutions. The SoA is very helpful to improve the security of this layer, but following challenges still need to be faced when building an IoT services or application: (1) data transmission security between service and/or layers; (2) secure services management, such as service identification, access control, services composite, etc. 1.2.4 ApplicationInterface Layer The applicationinterface layer involves a variety of applications and inter- faces from RFID tag tracking to smart home, which are implemented by stan- dard protocols as well as service-composition technologies (Ning et al., 2013). The requirements in applicationinterface layer strongly depend on the applications. For the application maintenance, following security require- ments will be involved: I Remote safe configuration, software downloading and updating, security patches, administrator authentication, unified security platform, etc. For the security requirements on communications between layers: I Integrity and confidentiality for transmission between layers, cross-layer authentication and authorization, sensitive information isolation, etc. In IoT in designing the security solutions, following rules should be helpful: a. Since most constrained IoT end-nodes work in an unattended manner, the designer should pay more attention to the safety of these nodes; b. As IoT involves billions of clustering nodes, the security solutions should be designed based on energy efficiency schemes; c. The light security scheme at IoT end-nodes might be different with existing network security solutions; however, we should design security solutions in a big enough range for all parts in IoT. Table 1.7 summarizes the security threats and vulnerabilities in IoT applicationinterface layer. Table 1.7 The Security Threats in ApplicationInterface Layer Security Threats Description Remote configuration Fail to configure at interfaces Misconfiguration Misconfiguration at remote IoT end-node, end-device, or end-gateway Security management Log and keys leakage Management system Failure of management system 14 CHAPTER 1: Introduction: Securing the Internet of Things Table 1.8 The Security Threats and Vulnerabilities in ApplicationInterface Layer Unauthorized Failure of Selfish Trojan, Virus, Privacy Access Node Masquerade Node Spam Leakage Physically security O O O protection Antivirus, firewalling O Access control O O O O Confidential O O O O Data integrity O O O O Availability Authentication O O O O Nonrepudiation O O O O Table 1.9 Security Threats Between Layers in the IoT Architecture Security Threats Description Sensitive information leakage at border The sensitive information might be not protected at the border of layers Identity spoofing The identities in different layers have different priorities Sensitive information spreads between Sensitive information spreads at different layers and causes information layers leakage In Table 1.8, we analyze the security threats and potential vulnerabilities in applicationinterface layer. The applicationinterface layer bridges the IoT system with user applications, which should be able to ensure that the interaction of IoT systems with other applications or users are legal and can be trusted. 1.2.5 Cross-Layer Threats Information in the IoT architecture might be shared among all of the four layers to achieve full interoperability between services and devices. It brings a number of security challenges such as trust guarantee, privacy of the users, and their date, secure data sharing among layers, etc. In the IoT architecture described in Fig. 1.2, information is exchanged between different layers, which may cause potential threats as shown in Table 1.9. The security requirements in this layer include (1) security protection, secur- ing to be ensured at design and execution time; (2) privacy protection, per- sonal information access within IoT system, privacy standards, and enhancement technologies; (3) trust has to be a part of IoT architecture and must be built in. 1.3 Security in Enabling Technologies 15 Table 1.10 Security Threats Between Layers in the IoT Architecture Security Threats Description Remote configuration Fail to configure remote IoT end-node, end-device, or end-gateway Misconfiguration Misconfiguration at remote IoT end-node, end-device, or end-gateway Security management Log and keys leakage at IoT end-node Management system Failure of management system 1.2.6 Threats Caused in Maintenance of IoT The maintenance of IoT can cause security problems, such as in configuration of the network, security management, and application managements. Table 1.10 summarized the potential threats that can cause risk in IoT. 1.3 SECURITY IN ENABLING TECHNOLOGIES 1.3.1 Security in Identification and Tracking Technologies The concept of IoT was coined based on the RFID-enabled identification and tracking technologies. A basic RFID system consists of an RFID reader and RFID tags. Due to its capability for identifying, tracing, and tracking, the RFID system has been widely applied in logistics, such as package tracking, supply chain management, healthcare applications, etc. An RFID system could provide sufficient real-time information about things in IoT, which are very useful to manufacturers, distributors, and retailers. For example, RFID application in supply chain management can improve backroom inventory- management practices. Although RFID technology is successfully used in many areas, it is still evolv- ing in developing active system, Inkjet-printing based RFID, and manage- ment technologies (Hepp et al., 2007). For adoption by the IoT, more identified problems need to be resolved, such as: collision of RFID readings, signal interferences, privacy protection, standardization, integration, etc. In the new era of IoT, the scope of identification has expended and included RFIDs, barcodes, and other intelligent sensing technologies. In RFID-enabled contactless technologies (ISO 14443 and 15693), security features have been implemented, such as cryptographic challenge-response authentication, 128-bit AES, triple-DES, and SHA-2 algorithms. The increasing use of RFID devices requires the RFID security guarantee from multiple sides: manufacture, 16 CHAPTER 1: Introduction: Securing the Internet of Things Table 1.11 Security Features in RFID Standards Security RFID Confidentiality Integrity Availability EPC Class 0/01 O O EPC Class 1 G1 O O EPC Class 1 G2 O O O ISO/IEC 18000-2 O O ISO/IEC 18000-3 O O O ISO/IEC 11784/5 O O ISO/IEC 15693 O O O Nonrepudiation O O O privacy protection, business processes. In general the security features of RFID include: I Tags/Readers collision problem I Data confidentiality I Tag-to-reader authentication I High-assurance readers Table 1.11 summarizes the security features of RFID standards. In RFID technologies, the security and privacy protection are not just techni- cal issues; important policy questions arise as RFID tags join to create large sensor networks. 1.3.2 Security in Integration of WSN and RFID The integration of wireless sensors and RFID empowers IoT in the implemen- tation of industrial services and the further deployment of services in extended applications. IoT with the integration of RIFD and WSNs makes it possible to develop IoT applications for healthcare, decision-making of com- plex systems, and smart civic systems such as smart transport, cities or water supply systems. The security issue in integration of RFID and WSNs involves following challenges: I Privacy, it involves the privacy of RFID devices and WSNs devices; I Identification and authentication, the identification has to be protected from tracking by unauthorized user in the network; I Communication security, the communication between RFID devices and IoT devices poses security threats that need to be addressed proactively, and appropriate measures must be implemented well; 1.3 Security in Enabling Technologies 17 I Trust and ownership, trust implies the authenticity and integrity of the communication parts such as sensor nodes and RFID tags; I Integration; I User authentication. 1.3.3 Security in Communications In IoT things are connected together in network access layer through different communication technologies. The IoT can be seen as an aggregation of het- erogeneous networks, such as WSNs, wireless mesh networks, mobile net- works, RFID systems, and WLAN. The communications between things/ networks are essential to make reliable information exchange, which requires the IoT to provide secure, reliable, and scalable connections. IoT would also greatly benefit from the existing communication protocols in Internet such as IPv6, as this addresses any number of things needed through the Internet directly (Pretz, 2013). The basic principles of secure communications in IoT include: authentication, availability, confidentiality, and integrity. The limit of resources of things makes it difficult to build a secure enough communica- tion for IoT; however, the IoT communication systems have to be designed to provide “secure enough” by finding the right balance between effort and benefit of protection measures. The security solution for communications should be designed high enough so that it will force the hackers to give up before they succeed. The commonly used communication protocols and the potential security features include: I RFID (e.g., ISO 18000 6c EPC class 1 Gen2), the security features include confidentiality, integrity, and availability. The security features for different standards can be found in Table 1.10. I NFC, IEEE 802.11 (WLAN), IEEE 802.15.4, IEEE 802.15.1 (Bluetooth), in these wireless communication technologies, following security are needed: confidentiality, integrity, authentication, availability, and detection of malicious intrusion. I IETF 6LoWPAN. Since 6LoWPAN is a combination of IEEE 802.15.4 and IPv6, which may cause potential vulnerabilities from the two sides that target all layers of the stack (Table 1.12). I Machine-to-Machine (M2M), tradition disruptive attacks in M2M such as DoS could have new consequences in M2M. I Traditional IP technologies, such as IP, IPv6, IPv4, etc., secure every device, address nearing exhaustion, networks simply won’t have enough addresses to assign to the explosion of devices unless they transit to IPv6. However, for IPv6 it could have further vulnerabilities that haven’t been discovered. In IPv6, IPsec could provide authenticity and integrity with authentication header, and the Encapsulated security payload provides 18 CHAPTER 1: Introduction: Securing the Internet of Things Table 1.12 Security Features in 6LoWPAN Layers Main Potential Attacks Application layer Overwhelm attack, path-based DoS attack Transport layer Flooding attack Network layer Malicious node attack; Sybil attack; Wormhole attack, Spoofing attack; routing attack, etc. Adaption layer Packets fragmentation attack Link layer Exhaustion attack, collision attack, interrogation attack Physical layer Tampering attack, etc. confidentiality. Recently, the transport layer security is developed as an alternative to IPsec to provide mutual authentication of two parties using public key infrastructures and X.509 certificates (Tao et al., 2014). I Key Management in IoT. Many key management systems (KMSs) have been proposed recently. In IoT, the KMS should be designed based on standard protocols. The IPsec applies the Internet Key Exchange (IKE) for automatic key management. For IEEE 802.15.4, no KMS is defined but in Cai et al. (2014), a lightweight key management IKEv2 is proposed for 6LoWPAN IPsec and IEEE 802.15.4. 1.3.4 Security in Networks The IoT is a hybrid network that involves a lot of heterogeneous networks, which requires multifaceted security solutions against network intrusions and disruptions. The IoT contains networks that connect with daily-used devices, such as smartphones, surveillance cameras, home appliances, etc. Support for heterogeneous networks can help IoT to connect the devices with different com- munication specification, QoS requirements, functionalities, and goals. On the other hand, support for heterogeneity can reduce the cost to implement IoT by well integrating diversified things. Meanwhile, some of the existing networking technologies, such as architecture, protocols, network management, security schemes, can be directly applicable in an IoT context. The networks involved in IoT are core parts of security working, and each subnetwork is required to pro- vide confidentiality, secure communication, encryption certificates, and that sort of things. In IoT no Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) are specifically designed yet, but many watchdog-based IDS and IPSs could be used in the context of IoT. 1.3.5 Security in Service Management Service management refers to the implementation and management of the services that meet the needs of users or applications. Security solution at ser- vice layer is designed specifically in the context of the services. For services 1.4 Security Concerns in IoT Applications 19 such as consumer applications, logistical, surveillance, intelligent healthcare, the security concerns have some similarities: authentication, access control, privacy, integrity of information, certificates and PKI certificates, digital signa- ture and nonrepudiation, etc. For different services, the security concerns might be specifically designed depending on the service feature, scenarios, and special requirements. 1.4 SECURITY CONCERNS IN IoT APPLICATIONS The IoT enables information gathering, transmitting, and storing to be avail- able for devices in many scenarios, which creates or accelerates many applica- tions such as industrial control systems, retailing industry, smart shelf operations, healthcare, food and restaurant industry, logistic industry, travel and tourism industry, library applications, etc. It can also be foreseen that the IoT will greatly contribute to address the important issues such as busi- ness model, healthcare monitoring systems, daily living monitoring, and traf- fic congestion control. For applications in IoT, security and privacy are two important challenges. To integrate the devices of sensing layer as intrinsic parts of the IoT, effective security technology is essential to ensure security and privacy protection in various activities such as personal activities, business processes, transporta- tions, and information protection. In this section, we will focus on following five typical applications to address the potential security challenges. 1.4.1 Security Concerns in SCADA Systems SCADA systems are generally designed as more technical-oriented solutions often in the industrial environment with the sole intent to monitor processes without considering the security requirements and the needs to protect them from external threats. The SCADA systems are believed to play a huge role in industrial applications of IoT (Di Pietro et al., 2014). A SCADA could con- tain multiple elements: supervisory systems, PLCs, humanmachine inter- face, remote machine telemetry units, communication infrastructure, and various process and analytical instrumentation. From a security viewpoint, an attacker could target each of the above elements to compromise a SCADA system. In order to ensure the integration of SCADA systems into IoT, secure SCADA protocols should be designed to be able to connect with IoT environ- ments. However, this could raise the following security concerns (Bamforth, 2014; Kim, 2012; Perna, 2013): I Authentication and access control. To ensure secure communication, strong authentication must be implemented to allow access to main functionalities. On the other hand, authenticating and access control can well identify and assess the information sources. 20 CHAPTER 1: Introduction: Securing the Internet of Things I Identification of SCADA vulnerabilities. It is important to implement proper countermeasures and take corrective actions as appropriate. The software in SCADA should be regularly updated to tackle the security vulnerabilities. I Physical security. In SCADAs, physical security protection must be carefully evaluated for each component and each component is recommended to meet NIST FIPS standards. I System recovery and backups. The SCADAs should be designed to be able to rapidly recover from disaster or compromised status. 1.4.2 Security Concerns in Enterprise Information Systems Most companies have fulfilled their missions of installing enterprise informa- tion systems within their companies in the last two decades. These enterprise information systems have played the pivotal role in modern organizations existing as Enterprise Resource Planning (ERP) systems which integrated intraorganizational business processes to supply chain management systems that link interorganizational business processes, and Customer Relationship Management (CRM) systems that maintain relationships with customers (Li, 2011). Although the direct financial benefits and business performance of enterprise systems usage are still in controversy according to a series of studies conducted to investigate the enterprise system usage and organizational per- formance (Hendricks et al., 2007; Hitt et al., 2002; Wieder et al., 2006), most of them reported that enterprise systems usage causes positive impact on organizational operations by improving decision-making processes, and most importantly, integrating information and resources of an organization into one system. Centralizing information and resources is thus identified as the most important factor for adopting enterprise systems. Looking back histori- cally, it is technology innovation that moves the enterprise system’s wave for- ward. The increasing processing power of servers and PCs in the last two decades has enabled the client/server architecture for enterprise systems. It could be foreseen that the increased processing power will shift to small embedded-devices such as RFID tags, which could be widely implemented in many physical objects, leading to the new type of IoT-enabled enterprise sys- tems. The new IoT-enabled enterprise systems extend the current systems and could gather more integrated data and information, bringing the security chal- lenges to a new level. As most enterprise systems are installed inside organiza- tions’ intranets, the traditional security issues for enterprise systems mainly involve the identification process for users to access the system (Wieder et al., 2006). However, the IoT-enabled enterprise systems incorporate sensors into the enterprise systems and will involve more security challenges than the tra- ditional enterprise systems because the data and information carried by the sensors might go beyond the enterprise system physically. For example, the 1.4 Security Concerns in IoT Applications 21 collaborative warehouse implemented with the IoT technology gather data from the warehouse outside the ERP system and communicates with the ERP systems through different protocols (Wang et al., 2013). This new architecture of enterprise systems require the security concerns to focus more on the sen- sor layer as well as the middleware layer because in both there might be issues of data breach at these layers. For the application layer where the IoT applications might interact with the enterprise systems, special attention shall be given to identity authentication and application architecture because this layer is more vulnerable than other layers. 1.4.3 Security Concerns in Social IoT Social IoT is the spread and diffusion of IoT applications into societal level. Similarly to the socialization of many other technologies, IoT played an important role at the societal level. It will influence every part of our life from entertainment to energy usage. For example, wearable devices such as Google glasses will be very popular in the foreseeable future and the popular UP wristband by Jawbone has proven how popular the wearable devices could be. Other applications such as smart TV, smart meter, and smart home devices all implying a new digital world enabled by IoT are coming. IoT will make our worlds more connected as the connected car and many other con- nected devices are on the road (Atzori et al., 2012). However, IoT technology alone won’t be able to fulfill the task rather, other technologies have to be considered together to function as an integrated process. Social media and mobile APPs all played key role in this socialization of IoT part. In the future, we could see us all connected through social networks and social IoT devices. Security would be an essential part for the social IoT. As we are entering a new digital world enabled by the IoT, security issues in this digital world are a new challenge compared to the previous Internet security. Previous Internet security mainly focuses on the security protocols, antivirus software implementation, and firewalls. The social IoT security shall have some similarity to the Internet security in that they both shall have the secu- rity protocols but the social IoT security might involve more complex issues because the social IoT needs to integrate the heterogynous devices together. How to manage the interactions among all these heterogynous devices becomes the top issue for the social IoT security. Data and information com- municated over the IoT network need to be managed through a reliable framework. Ethical issues such as privacy, data access right, the degree of openness of data will all influence how the security architecture for social IoT to be constructed. When more and more devices are connected together, the traffic of data over the social IoT will also become a big issue. How to effectively design the traffic so that data over social IoT could be transferred securely in a reliable way will also become challenging. 22 CHAPTER 1: Introduction: Securing the Internet of Things 1.4.4 Confidentiality and Security for IoT-Based Healthcare The IoT motives eHealthcare and mobile healthcare integrated into IoT-based Healthcare, which covers traditional Internet-enabled healthcare applications (such as e-Pharmacy, e-Care, mobile healthcare, etc.). Similar to the social IoT security, the healthcare IoT security will involve integration of multisource data and information distributed over both the Internet and evolving IoT. As the healthcare is a highly sensitive yet personal area dealing with much pri- vate information from patients, especially the vulnerable group of people, the security design shall be paid more attention than many other IoT networks. For this reason, data confidentiality and data security might emerge as the most important factors to be considered when designing the healthcare secu- rity architecture. Other factors such as reliability (antihacker, antivirus, etc.), design issues (such as signature, authentication, etc.), and compliance issues shall also be carefully considered. In addition to the previous factors, health- care security is different from other industries, which features: I Not bilateral condition; I Regulated; I Community interested; I Legal issues. For these reasons, the design of the healthcare security system shall adopt a more reliable approach. The current healthcare-specific security standards include following four parts: I Authentication, identification, signature, nonrepudiation; I Data integrity, encryption, data integrity process, permanence; I System security, communication, processing, storage, permanence; I Internet security, personal health records, secures Internet services. In IoT-based healthcare system, the security issues include: I Security for patient confidentiality, I Security that enables electronic health records (authentication, data integrity), I Transmission security, I Security in healthcare data access, processing, storage, etc. 1.5 SUMMARY Security at both the physical devices and service applications is critical to the operation of IoT, which is indispensable for the success of IoT. Open problems remain in a number of areas, such as security and privacy protection, network protocols, standardization, identity management, trusted References 23 architecture, etc. In this chapter, we analyzed the security requirements and potential threats in a four-layer architecture, in terms of general devices secu- rity, communication security, network security, and application security. The security challenges in enabling technologies of IoT also are reviewed. In future research, the security strategies for IoT should be carefully designed by managing the tradeoffs among security, privacy, and utility to provide security in multilayer architecture of IoT. References Atzori, L., Iera, A., Morabito, G., Nitti, M., 2012. The social internet of things (siot)when social networks meet the internet of things: concept, architecture and network characterization. Comput. Networks 56 (16), 35943608. Bamforth, R., 2014. Internet of things, scada, ipv6 and social networking. Bi, Z., Xu, L., Wang, C., 2014. Internet of things for enterprise systems of modern manufacturing. IEEE Transact. Indust. Informat. Cai, H., Xu, L., Xu, B., Xie, C., Qin, S., Jiang, L., 2014. IoT-based configurable information service platform for product lifecycle management. Chen, Y., Han, F., Yang, Y.-H., Ma, H., Han, Y., Jiang, C., et al., 2014. Time-reversal wireless para- digm for green internet of things: an overview. Choi, J., Li, S., Wang, X., Ha, J., 2012. A general distributed consensus algorithm for wireless sen- sor networks. Paper presented at the Wireless Advanced (WiAd), 2012. Council, N., 2008. Disruptive civil technologies: six technologies with potential impacts on us interests out to 2025. Paper presented at the Conference Report CR. Di Pietro, R., Guarino, S., Verde, N., Domingo-Ferrer, J., 2014. Security in wireless ad-hoc networksa survey. Comput. Commun. 51, 120. Esad-Djou, M., 2014. IT-security: Weblogic server and oracle platform security services (OPSS). Retrieved from ,http://thecattlecrew.wordpress.com/2014/02/17/it-security- weblogic-server_1/.. Fielding, R.T., Taylor, R.N., 2002. Principled design of the modern web architecture. ACM Transact. Internet Technol. 2 (2), 115150. Floerkemeier, C., Roduner, C., Lampe, M., 2007. RFID application development with the accada middleware platform. IEEE Syst. J. 1 (2), 8294. Furnell, S., 2007. Making security usable: Are things improving? Comput. Security 26 (6), 434443. Gama, K., Touseau, L., Donsez, D., 2012. Combining heterogeneous service technologies for building an internet of things middleware. Comput. Commun. 35 (4), 405417. Gaur, H., 2013. Internet of things: thinking services. Gu, L., Wang, J., Sun, B., 2014. Trust management mechanism for internet of things. China Commun. 11 (2), 148156. He, W., Xu, L., 2012. Integration of distributed enterprise applications: a survey. Hendricks, K.B., Singhal, V.R., Stratman, J.K., 2007. The impact of enterprise systems on corpo- rate performance: a study of ERP, SCM, and CRM system implementations. J. Operat. Manage. 25 (1), 6582. 24 CHAPTER 1: Introduction: Securing the Internet of Things Hepp, M., Siorpaes, K., Bachlechner, D., 2007. Harvesting wiki consensus: using Wikipedia entries as vocabulary for knowledge management. IEEE Internet Comput. 11 (5), 5465. Hernandez-Castro, J.C., Tapiador, J.M.E., Peris-Lopez, P., Li, T., Quisquater, J.-J., 2013. Cryptanalysis of the SASI ultra-light weight RFID authentication protocol. arxiv. Hitt, L.M., Wu, D., Zhou, X., 2002. Investment in enterprise resource planning: business impact and productivity measures. J. Manage. Informat. Syst. 19 (1), 7198. Hoyland, C.A.M., Adams, K., Tolk, A., Xu, L.D., 2014. The rq-tech methodology: a new paradigm for conceptualizing strategic enterprise architectures. J. Manage. Analyt. 1 (1), 5577. HP Company, 2014. Internet of things research study. Retrieved from ,http://h30499.www3.hp. com/hpeb/attachments/hpeb/application-security-fortify-on-demand/189/1/HP_IoT_Research_ Study.pdf.. ITU, 2013. The internet of things, international telecommunication union (ITU) internet report. Kang, K., Pang, Z., Da Xu, L., Ma, L., Wang, C., 2014. An interactive trust model for application market of the internet of things. IEEE Trans. Indust. Informat. 10 (2), 15161526. Keoh, S., Kumar, S., Tschofenig, H., 2014. Securing the internet of things: a standardization perspective. Kim, H., 2012. Security and vulnerability of SCADA systems over ip-based wireless sensor networks. Int. J. Distrib. Sensor Networks 2012, 110. Kranenburg, R.V., Anzelmo, E., Bassi, A., Caprio, D., Dodson, S., Ratto, M., 2011. The internet of things. Paper presented at the 1st Berlin Symposium on Internet and Society (Versión electrónica). Consultado el. Li, D.X., 2011. Enterprise systems: state-of-the-art and future trends. IEEE Transact. Indust. Informat. 7 (4), 630640. Li, F., Xiong, P., 2013. Practical secure communication for integrating wireless sensor networks into the internet of things. Li, L., Li, S., Zhao, S., 2014a. Qos-aware scheduling of services-oriented internet of things. Li, L., Wang, B., Wang, A., 2014b. An emergency resource allocation model for maritime chemi- cal spill accidents. J. Manage. Analyt. 1, 146155. Li, S., Xu, L.D., Zhao, S., 2014c. The internet of things: a survey. Informat. Syst. Front. 17, 243259. Lim, M.K., Bahr, W., Leung, S.C., 2013. Rfid in the warehouse: a literature analysis (19952010) of its applications, benefits, challenges and future trends. Int. J. Product. Econom. 145 (1), 409430. Miorandi, D., Sicari, S., De Pellegrini, F., Chlamtac, I., 2012. Internet of things: vision, applica- tions and research challenges. Ad Hoc Networks 10 (7), 14971516. Ning, H., 2013. Unit and Ubiquitous Internet of Things. CRC Press, Boca Raton, FL. Ning, H., Liu, H., Yang, L.T., 2013. Cyberentity security in the internet of things. Computer 46 (4), 4653. Oppliger, R., 2011. Security and privacy in an online world. Computer 44 (9), 2122. Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A., 2006. M2ap: a minimalist mutual-authentication protocol for low-cost rfid tags. Ubiquitous Intelligence and Computing. Springer, Heidelberg, pp. 912923. Perna, M., 2013. Security 101: securing SCADA environments. Retrieved from ,http://blog. fortinet.com/post/security-101-securing-scada-environments.. Pretz, K., 2013. The next evolution of the internet. Retrieved from ,http://theinstitute.ieee.org/ technology-focus/technology-topic/the-next-evolution-of-the-internet.. References 25 Raza, S., Shafagh, H., Hewage, K., Hummen, R., Voigt, T., 2013. Lithe: lightweight secure CoAP for the internet of things. Raza, S., Voigt, T., Jutvik, V., 2012. Lightweight ikev2: a key management solution for both the compressed ipsec and the IEEE 802.15. 4 security. Paper presented at the Proceedings of the IETF Workshop on Smart Object Security. Roe, D., 2014. Top 5 internet of things security concerns. Retrieved from ,http://www.cmswire. com/cms/internet-of-things/top-5-internet-of-things-security-concerns-026043.php.. Roman, R., Najera, P., Lopez, J., 2011. Securing the internet of things. Computer 44 (9), 5158. Roman, R., Zhou, J., Lopez, J., 2013. On the features and challenges of security and privacy in distributed internet of things. Comput. Networks 57 (10), 22662279. Sundmaeker, H., Guillemin, P., Friess, P., Woelfflé, S., 2010. Vision and challenges for realising the internet of things: EUR-OP. Tan, W., Chen, S., Li, J., Li, L., Wang, T., Hu, X., 2014. A trust evaluation model for e-learning sys- tems. Syst. Res. Behav. Sci. 31 (3), 353365. Tao, F., Cheng, Y., Xu, L.D., Zhang, L., Li, B.H., 2014. Cciot-cmfg: Cloud computing and internet of things based cloud manufacturing service system. Wang, F., Ge, B., Zhang, L., Chen, Y., Xin, Y., Li, X., 2013. A system framework of security man- agement in enterprise systems. Syst. Res. Behav. Sci. 30 (3), 287299. Wang, K., Wu, M., 2010. Cooperative communications based on trust model for mobile ad hoc networks. IET Informat. Security 4 (2), 6879. Weber, R.H., 2013. Internet of thingsgovernance quo vadis? Comput. Law Security Rev. 29 (4), 341347. Welbourne, E., Battle, L., Cole, G., Gould, K., Rector, K., Raymer, S., et al., 2009. Building the internet of things using rfid: the rfid ecosystem experience. IEEE Internet Comput. 13 (3), 4855. Wieder, B., Booth, P., Matolcsy, Z.P., Ossimitz, M.-L., 2006. The impact of erp systems on firm and business process performance. J. Enterprise Informat. Manage. 19 (1), 1329. Xiao, G., Guo, J., Xu, L., Gong, Z., 2014. User interoperability with heterogeneous iot devices through transformation. Xu, B., Xu, L.D., Cai, H., Xie, C., Hu, J., Bu, F., 2014a. Ubiquitous data accessing method in iot-- based information system for emergency medical services. Xu, L., He, W., Li, S., 2014b. Internet of things in industries: a survey. IEEE Transact. Indust. Informat. 99, 1. Xu, L.D., 2011. Information architecture for supply chain quality management. Int. J. Product. Res. 49 (1), 183198. Yao, X., Han, X., Du, X., Zhou, X., 2013. A lightweight multicast authentication mechanism for small scale iot applications. Yuan Jie, F., Yue Hong, Y., Li Da, X., Yan, Z., Fan, W., 2014. Iot-based smart rehabilitation system. IEEE Transact. Indust. Informat. 10 (2), 15681577. This page intentionally left blank CHAPTER 2 Security Architecture in the Internet of Things Shancang Li 2.1 INTRODUCTION The Internet of Things (IoT) is an extension of the Internet by integrating mobile networks, Internet, social networks, and intelligent things to provide better services or applications to users. The success of IoT depends on the standardization of security at various levels, which provides secured interop- erability, compatibility, reliability, and effectiveness of the operations on a global scale (Li et al., 2016). The IoT is able to connect the digital cyberspace and real physical space, in which the radio-connected intelligent sensors have invaded the physical space and these are now embedded even in everything from our toys to our office equipment, to our healthcare systems. It is clearer than ever before that the IoT is able to introduce all the vulnerabilities of the digital world into our real world. The success of IoT applications and IoT infrastructure significantly depends on the guarantee of the security and vulnerability in the IoT. Most common types of cyber-attacks can be easily applied to IoT, but as IoT will be deeply interwoven in everything in our lives and business, it is becoming necessary to set up and take cyber defense seriously. The IoT security becomes neces- sary, which has consequently resulted in a need to comprehensively under- stand the threats and attacks on IoT infrastructure. In this chapter, we will classify the security requirements and vulnerabilities in IoT, besides analyze and characterize intruders and attacks facing IoT infrastructures and services. The IoT significantly relies on data captured from a number of diverse sen- sors spread across a geographic region. For example, in the healthcare sec- tion, we are starting to see what the IoT will look like with manufacturers embedding network connectivity and intelligence within devices like patient bedside equipment. We can see the beginnings of interconnections between personal and business IoT capabilities, their smart wearables will soon be able to collect information and transmit that information to healthcare 27 Securing the Internet of Things. DOI: http://dx.doi.org/10.1016/B978-0-12-804458-2.00002-0 © 2017 Elsevier Inc. All rights reserved. 28 CHAPTER 2: Security Architecture in the Internet of Things FIGURE 2.1 Structure of a simple IoT system. providers through the cloud. The transportation sector is another exciting area where the concept of IoT-connected vehicles is sprouting and the infra- structure to support these vehicles is gaining traction. Furthermore, experi- ments with driverless cars will yield a future where the ability to collect and analyze sensor data from IoT-based roadside equipment will become even important. In many areas, the IoT capabilities have been implemented to meet unique needs and requirements; however, it can also bring security weaknesses and threats. It is important to understand that each unique implementation of IoT should be evaluated for security requirements. In this chapter, we only discuss a generic set of security requirements and vulnerabil- ities for the IoT; there will always be some level of customization required given the context of each distinct IoT implementation. Fig. 2.1 shows a sim- ple IoT structure that consists of service layer, gateway layer (network layer), and device layer (sensing layer). In the following sections, we will detail the security requirements, authentication/authorization, access control, threats, and attacks in IoT. 2.2 SECURITY REQUIREMENTS IN IoT The IoT introduces large quantities of new devices that will be deployed or embedded throughout an organization or even within a system. Each con- nected device could be a potential doorway into the IoT infrastructure or per- sonal data. Data captured from these devices can be analyzed and acted upon. The analysis of this data will allow previously unseen linkages to be made which may cause concern from the privacy of individuals or organiza- tion. The data security and privacy concerns are very important but the 2.2 Security Requirements in IoT 29 potential risks associated with the IoT will reach new levels as interoperabil- ity, mashups, and autonomous decision-making begin to embed complexity, security loopholes, and potential vulnerability. Privacy risks will arise in the IoT since the complexity may create more vulnerability that is related to the service. In IoT, much information is related with our personal information, such as date of birth, location, budgets, etc. This is one aspect of the big data challenging, and security professions will need to ensure that they think through the potential privacy risks associated with the entire data set. The IoT should be implemented in a lawful, ethical, socially, and politically acceptable way, where legal challenges, systematic approaches, technical chal- lenges, and business challenges should be considered. This paper focuses on the technical implementation design of the security IoT architecture. Security must be addressed throughout the IoT life cycle from the initial design to the services running. The security has been a big concern in the IoT, but what are the most signifi- cant data security and privacy concerns of the IoT are not clearly defined yet. Data security and privacy concerns are not new to the IoT—similar issues have been done from the early days of radio-frequency identification (RFID) adoption. For example, when the electronic passport with RFID tags started equipping passport, the data could be read from as far as 30 ft via equipment available on eBay for $250. The State department had to make changes to the RFID tags and even though the new generation of tags is more secure, the risks associated with the IoT will reach new levels as interoperability, mashups, and autonomous decision-making begin to embed complex, secu- rity loopholes and potential “black swan” events. 2.2.1 IoT Data Security Challenges Similar to the general network systems, Fig. 2.2 shows the security require- ments of a simple IoT framework, in which the main security requirements are addressed from six aspects: I Confidentiality—data secured to authorized; I Integrity—data is trusted; I Availability—data are accessible when and where needed; I Nonrepudiation—service provides a trusted audit trail; I Authenticity—components can prove their identity; I Privacy—service does not automatically see customer data. Privacy risks will arise as objects within the IoT collect and aggregate frag- ments of data that relate to their service. The collation of multiple points of data can swiftly become personal information as events are reviewed in the context of location, time, recurrence, etc. This is one aspect of the big data
Enter the password to open this PDF file:
-
-
-
-
-
-
-
-
-
-
-
-